CVE-2024-56623
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2024-56623
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-56623.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2024-56623
- Downstream
- Related
- Published
- 2024-12-27T14:51:26.484Z
- Modified
- 2025-11-27T19:34:19.652509Z
- Severity
-
- 7.8 (High) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
- Summary
- scsi: qla2xxx: Fix use after free on unload
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
scsi: qla2xxx: Fix use after free on unload
System crash is observed with stack trace warning of use after free. There are 2 signals to tell dpcthread to terminate (UNLOADING flag and kthreadstop).
On setting the UNLOADING flag when dpcthread happens to run at the time and sees the flag, this causes dpcthread to exit and clean up itself. When kthread_stop is called for final cleanup, this causes use after free.
Remove UNLOADING signal to terminate dpcthread. Use the kthreadstop as the main signal to exit dpc_thread.
[596663.812935] kernel BUG at mm/slub.c:294! [596663.812950] invalid opcode: 0000 [#1] SMP PTI [596663.812957] CPU: 13 PID: 1475935 Comm: rmmod Kdump: loaded Tainted: G IOE --------- - - 4.18.0-240.el8.x8664 #1 [596663.812960] Hardware name: HP ProLiant DL380p Gen8, BIOS P70 08/20/2012 [596663.812974] RIP: 0010:slabfree+0x17d/0x360
... [596663.813008] Call Trace: [596663.813022] ? _dentrykill+0x121/0x170 [596663.813030] ? condresched+0x15/0x30 [596663.813034] ? condresched+0x15/0x30 [596663.813039] ? waitforcompletion+0x35/0x190 [596663.813048] ? trytowakeup+0x63/0x540 [596663.813055] freetask+0x5a/0x60 [596663.813061] kthreadstop+0xf3/0x100 [596663.813103] qla2x00remove_one+0x284/0x440 [qla2xxx]
- Database specific
{ "cna_assigner": "Linux", "osv_generated_from": "https://github.com/CVEProject/cvelistV5/blob/ee626f5d79d5817bb21d6f048dc0da4c4e383443/cves/2024/56xxx/CVE-2024-56623.json" }- References
-
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- https://git.kernel.org/stable/c/07c903db0a2ff84b68efa1a74a4de353ea591eb0
- https://git.kernel.org/stable/c/12f04fc8580eafb0510f805749553eb6213f323e
- https://git.kernel.org/stable/c/15369e774f27ec790f207de87c0b541e3f90b22d
- https://git.kernel.org/stable/c/6abf16d3c915b2feb68c1c8b25fcb71b13f98478
- https://git.kernel.org/stable/c/b3e6f25176f248762a24d25ab8cf8c5e90874f80
- https://git.kernel.org/stable/c/ca36d9d53745d5ec8946ef85006d4da605ea7c54
- https://lists.debian.org/debian-lts-announce/2025/03/msg00001.html
- https://lists.debian.org/debian-lts-announce/2025/03/msg00002.html
Affected packages
Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected ranges
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduceda29b3dd7aa14facc902b40b8b5c4dccbfb2ad7d0Fixed12f04fc8580eafb0510f805749553eb6213f323e
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduceda29b3dd7aa14facc902b40b8b5c4dccbfb2ad7d0Fixedca36d9d53745d5ec8946ef85006d4da605ea7c54
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduceda29b3dd7aa14facc902b40b8b5c4dccbfb2ad7d0Fixedb3e6f25176f248762a24d25ab8cf8c5e90874f80
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduceda29b3dd7aa14facc902b40b8b5c4dccbfb2ad7d0Fixed15369e774f27ec790f207de87c0b541e3f90b22d
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduceda29b3dd7aa14facc902b40b8b5c4dccbfb2ad7d0Fixed6abf16d3c915b2feb68c1c8b25fcb71b13f98478
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduceda29b3dd7aa14facc902b40b8b5c4dccbfb2ad7d0Fixed07c903db0a2ff84b68efa1a74a4de353ea591eb0